The hacker group World Leaks hacked one of Dell’s demonstration platforms and attempted to extort a ransom from the company. Dell reports that the criminals only stole “synthetic” (fake) data.
Representatives from Dell confirmed to the media that attackers managed to breach the Customer Solution Centers platform, which is used to demonstrate products and solutions to clients.
“Recently, attackers gained access to our Solution Center—a dedicated environment for demonstrating our products and testing trial versions for Dell’s commercial clients. The platform is intentionally separated from client and partner systems, as well as from Dell’s own networks, and is not used for providing services to clients,” the company explained.
It is specifically emphasized that the data used in the Solution Center is mostly synthetic (dummy), meaning it consists of publicly available datasets, non-confidential and system information, and test results intended solely for demonstrating Dell products.
“According to the results of the current investigation, the data obtained by the attackers is mostly synthetic, publicly available, or related to system or test environments,” Dell stated.
According to Bleeping Computer, members of World Leaks apparently believed they had stolen 1.3 TB of valuable information from Dell, including medical and financial data. However, according to the publication, the hackers ended up with fake data, and the only real information in the dump was an outdated contact list.
Journalists attempted to inquire with Dell representatives about the specifics of how the company was hacked, but received no response. The company cited an ongoing investigation and stated that they would not share any information until it is concluded.
Recall that according to information from cybersecurity specialists, the World Leaks group, which emerged in early 2025, is a “rebranding” of the RaaS group (Ransomware-as-a-Service) called Hunters International, which recently announced its closure.
World Leaks focuses exclusively on data theft and does not use encryptors. The group’s tactic is based on stealing data and extracting maximum profit from it—either extorting money from victim companies or selling the information to interested parties.
Currently, World Leaks has already begun publishing the data stolen from Dell on their website. Most of this information consists of configuration scripts, backups, and system data related to the deployment of various IT systems. In the dump, one can find rare passwords used within the company when setting up equipment. However, it seems that the leak does not contain any confidential corporate or client data.
2025.02.01 — Critical RCE vulnerability fixed in Cacti
A critical vulnerability has been discovered in the open-source Cacti framework: it enables an authenticated attacker to remotely execute arbitrary code. Vulnerability's ID is CVE-2025-22604; its…
Full article →
2025.01.24 — Hundreds of websites impersonating Reddit and WeTransfer spread Lumma Stealer
Sekoia researcher crep1x discovered that hackers are currently using some 1,000 pages impersonating Reddit and WeTransfer. Victims visiting these sites are tricked into…
Full article →
2025.04.23 — Improper authentication control vulnerability affects ASUS routers with AiCloud
ASUSTeK Computer Inc. fixed an improper authentication control vulnerability in routers with AiCloud. The bug allows remote attackers to perform unauthorized actions on vulnerable devices. The issue…
Full article →
2025.02.12 — 2.8 million IP addresses used to brute-force network devices
The Shadowserver Foundation warns of a massive web login brute-forcing attacks targeting nearly 2.8 million IP addresses per day. Unknown attackers are seeking…
Full article →
2025.02.07 — 768 vulnerabilities were exploited by hackers in 2024
According to VulnCheck, 768 CVEs were registered as exploited in real-life attacks in 2024. This is 20% greater compared to 2023 when hackers exploited 639 vulnerabilities. Interestingly,…
Full article →
2025.01.29 — Google to disable Sync in older Chrome versions
Google announced that in early 2025, Chrome Sync will be disabled in Chrome versions older than four years. Chrome Sync enables users to save and sync their…
Full article →
2025.02.21 — Microsoft fixes vulnerability in Power Pages exploited by cybercriminals
Microsoft patched a severe privilege escalation vulnerability in Power Pages used by hackers as a 0-day. The vulnerability tracked as CVE-2025-24989 (CVSS score 8.2) pertains…
Full article →
2025.04.30 — Coinbase fixes 2FA bug that made customers panic
Cryptocurrency exchange Coinbase has fixed a bug in its Account Activity logs that caused customers to think their credentials were compromised. Earlier this month, BleepingComputer…
Full article →
2025.03.05 — Polish Space Agency disconnects its network due to hacker attack
Last weekend, the Polish Space Agency (POLSA) had to disconnect all of its systems from the Internet to localize an attack targeting its IT infrastructure. After discovering the intrusion,…
Full article →
2025.01.30 — Hackers use vulnerabilities in SimpleHelp RMM to attack corporate networks
Experts believe that recently patched vulnerabilities in SimpleHelp Remote Monitoring and Management (RMM) were used by attackers to gain initial access to corporate networks. A number…
Full article →